Walking a fine line between crime prevention and protection of rights
By Russel Luck
The Regulation of Interception of Communications and Provision of Communication-related Information Act 70 of 2002 (RICA) advances the Interception and Monitoring Prohibition Act 127 of 1992. The preamble of RICA discusses, among other things, regulating the interception and monitoring of communications and the execution of directions and entry warrants by law enforcement officers. No express mention is made of crime prevention throughout the preamble, though it is implicit that the rationale behind RICA is to effectively prevent crime and prosecute criminals.
RICA regulates 'direct communications' and 'indirect communications', which are defined broadly to include, but are not limited to, e-mail and mobile phone transmissions and communications that deploy text, data and visual images or a combination of the above.
RICA has been widely covered in the media as South Africa becomes increasingly reliant on technology in all spheres of life. This article provides an overview of RICA and identifies two areas in which the balance to preserve rights and prevent crime may be skewed.
Overview of RICA
Since its initial enactment in 2002, the provisions of RICA have been amended and supplemented several times to include, among others, a schedule relating to fixed line operators, mobile cellular operators and internet service providers. It further contains directives on the technical requirements and security requirements covering the interception, recording, storing and routing of various forms of communications.
When analysing these supplements and amendments superficially, it is clear that additional guidelines and definitions are necessary to successfully regulate communications in an ever-changing technological and digital world. Their effect is to impose duties on the providers of communication services to keep records of their customers and records relating to their customer's communications before they can provide such services to customers.
In order to exemplify how efficacious the provisions of RICA have been on casting a net wide enough to regulate the mobile phone sector in South Africa, a statement issued by the Department of Justice on 6 July 2011 is informative:
'At midnight on the 30th of June 2011 the following numbers of registered SIM cards from different MCO's had been registered: Cell C had 99,99% of contracts and 97% of prepaid subscribers registered, MTN had 99,5% of contracts and 97% of prepaid subscribers registered and Vodacom had 98,98 % of contracts and 95,12% of prepaid subscribers registered' ('Post RICA Campaign Media Briefing' www.justice.gov.za/m_statements /2011/20110706_ricabriefing.htm, accessed 13-1-14).
As a default position, s 2 of RICA prescribes that the interception and monitoring of communications is prohibited. Similarly, communication service providers (as defined) may not disseminate information relating to those communications. No person may disclose information they acquired while exercising a duty in terms of RICA. No person may manufacture equipment that would primarily be used for the monitoring, interception or recording of information relating to communications.
However, RICA provides, primarily in ss 3-11, exceptions to the above prohibitions where in certain instances communications may be monitored or intercepted, namely -
- a directive has been granted that permits the above prohibited activities;
- the party protected by RICA gives requisite consent;
- the entity engaging in the above activity was also a party to those communications;
- intercepting, monitoring or disseminating information of an employee while carrying on a business;
- interception to prevent serious bodily harm;
- interception to determine a location during an emergency; or
- when entitled to do so in terms of other legislation.
Lastly, s 30 of RICA imposes duties on parties who use or supply communication services regulated by the Act. Telecommunication service providers must store communication-related information about their customers. They must disseminate such information if an appropriate directive has been issued and cannot create a network that is incapable of recording communication-related information. Decryption key holders must supply a decryption key when an appropriate directive has been issued. Customers of various telecommunication service providers must supply certain information to those service providers.
When looking at RICA within the broader legislative framework that protects 'data' and recognises 'data messages' (as defined in the Electronic Communications and Transactions Act 25 of 2002), RICA could be a potent weapon to assist in criminal prosecution and crime prevention. However, two aspects of RICA may lead to rights infringements and practical abuse.
Privileged communications intercepted using s 5 of RICA
Section 5 of RICA allows communications to be intercepted if a party to those communications gave prior written consent to do so. The question arises whether privileged communications between an attorney and client could also be intercepted in terms of the provisions of s 5?
In Thint (Pty) Ltd v National Director of Public Prosecutions and Others, Zuma and Another v National Director of Public Prosecutions and Others 2009 (1) SA 1 (CC) the court, in paras 183 and 184, maintained that attorney-client privilege is to be taken very seriously but it is not an absolute right and can be outweighed by countervailing considerations.
Similarly in S v Tandwa and Others 2008 (1) SACR 613 (SCA), the court outlined in paras 18 and 19 that attorney-client privilege can be waived expressly, tacitly or by conduct sufficient to impute that the privilege has been waived by the client.
Section 5 of RICA has yet to be tested by our courts, but it is asserted that where a general consent to have communications intercepted inadvertently intercepts communications that are privileged, the right to privacy and fair trial would be infringed. In each instance, one would have to look at the surrounding circumstances and the parameters of the written consent to determine if such infringement was justifiable.
Stretching the limits of s 23
Section 23 of RICA allows for a direction application to be made orally, as an alternative to a written application, during 'exceptional circumstances'. Such an application may be granted immediately provided that, within 48 hours of such application being made, a written version is supplied to the appropriate judge. This is problematic as the grounds on which the application was made orally could differ substantially from the written version received by the judge after the direction or warrant has been granted.
Similarly, s 23(7) of RICA allows for an application for an interception direction or entry warrant to be made orally and granted orally, provided that the designated judge confirms the terms of that interception direction or warrant in writing within 12 hours after it has been issued. This too provides a period of time in which the terms of an orally granted interception direction could be stretched by applicants to exceed the powers conferred on them under that interception direction.
In both of the above instances, s 25(5) of RICA holds that the contents of any communication will be inadmissible in civil or criminal law proceedings, unless the court opines that admitting such evidence would not be detrimental to the trial or administration of justice. Once again, the facts of each specific case would determine if an unjustifiable infringement of human rights occurred.
What is concerning about s 23 (and interception and monitoring legislation in general) is its potential for abuse. For example, a ruling political party could use such legislation to further its agenda rather than to protect citizens from crime. The Oxford Pro Bono Publico reported three instances in South Africa where alleged abuse of power occurred under RICA's predecessor legislation, the Interception and Monitoring Prohibition Act 127 of 1992 (Oxford Pro Bono Publico 'Legal Opinion on Intercept Communication' (2006) University of Oxford (www2.law.ox.ac.uk/opbp/OPBP%20Intercept%20Evidence%20Report.pdf, accessed 13-1-14).
In 1996 the South African Police Service was alleged to have tapped thousands of telephones as reported in 'Newspaper uncovers "unlawful tapping by intelligence units"' The Star 21-2-1996. The Democratic Party was reported to have found monitoring devices in its offices in 'Democratic Party outraged by bugging of its offices' Africa News 23-11-1999. In 2000, Reuters news wire reported that the South African government issued an apology to the German government after spy cameras were found in the German embassy in 'SA spy camera points at German Embassy' iolnews 19-11-1999 (www.iol.co.za/news/south-africa/sa-spy-camera-points-at-german-embassy-1.20141#.UtOpztGlqid, accessed 13-1-14).
In today's digital world South Africans communicate through technology - more frequently than ever before - via mobile phone, e-mail, social media, short message service and various forms of data transmission
These communications can be monitored and intercepted with increased sophistication and little transparency. It is hoped that the courts remain vigilant of the subtle ways in which RICA's provisions could be misused and ensure that RICA is directed towards meaningful crime prevention.
Russel Luck BA LLB (UCT) is a legal adviser in Thailand.comments powered by Disqus